IP White List for Profile - Service

IP White List for Profiles – Service

Posted on by Toma Velev

One of the ways to let users secure their profiles is allow them set IP White List from where they will access your service. The IP addresses of most users are pseudo-static in my experience – here in Bulgaria. The IPs are dynamic in settings of the Internet Provider (if the users haven’t paid additionally for truly static). In reality – they rarely change because the network hardware does not stop working. Sometimes there is electrical, hardware failure or upgrade and they may change. This does not happen too often.

Integration of some type of IP white listing is available in my personal usage in – banking and financial portals and in the big social medias. If something fishy happens, they notify in your already active session. The notification is received even when the device is new (doesn’t matter if from the same Internet Address.

So, for the purpose of securing access, I’ve made simple service with that functionality: https://programtom.com/app_profile_ip_white_list/. There are several places where I’ve already integrated the IP White List creation in my own apps, and they will grow with each idea/app/project. To minimize the work, I’ve exposed the functionality as a service. The plugging-in the same logic in a new place is – small copy/paste and change of few lines of configuration. But, that is for me. For other developers that want to use it, it will be integration with few simple endpoints.

So, the IP White List for Profiles – Service has very simple administrative definitions.

  1. App – First you create a Product where you will give the users – the possibility to restrict access.
  2. Profile – It is a User Registration that has activated the Service. You could enable or disable the feature for the concrete user.
  3. IPs added to a Profile – owned by your concrete App.

The Services exposed are:

  1. setIPWhiteListingEnabled – sets the flag in a user profile – if the white listing is active.
  2. isIPWhiteListingEnabled – returns the active flag value
  3. isIPInWhiteList – checks if some concrete IP is in the list of some profile (of concrete app)
  4. ipList – the list of Allowed IPs entered by some user [currently restricted by 100]. They are rarely more than 5 or 10.
  5. addIPinWhiteList – Adds a new IP in a User Profile List of an App
  6. removeIPinWhiteList – Removes IP from a User’s List

More technical details of – how to integrate with the Service will be given on request.

Leave a Reply

Your email address will not be published. Required fields are marked *